News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: Update

Dell PowerEdge servers with a highly dangerous vulnerability
7 April 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Dell warns users of PowerEdge servers: A highly dangerous vulnerability in the BIOS of PowerEdge servers could give a malicious user increased rights management and allow local attackers to access without authentication. Dell does not describe exactly how the attack can occur on the Dell PowerEdge servers. The list of affected devices suggests that the BIOS update must be very important - it is extremely long. The threat described is as follows: “The Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a privilege management vulnerability. An unauthenticated local attacker could...

Read more

VMware: Critical 9.9 vulnerability in Aria Automation
18 January 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

VMware reports a critical vulnerability in Aria Automation with a CVSS score of 9.9 and strongly recommends an update. Otherwise, attackers could gain unauthorized access to remote organizations and workflows. The update is ready Aria Automation contains a security vulnerability regarding lack of access control. VMware has assessed the severity of this issue in the Critical Severity range with a maximum CVSSv3 base value of 9.9. The Aria Automation lack of access control vulnerability was defined in CVE-2023-34063. According to VMware, “An authenticated malicious actor could exploit this vulnerability and result in unauthorized access to remote organizations and workflows.” Updates are available…

Read more

Vulnerabilities: BSI recommends Chrome and Microsoft Edge Update
12 January 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

New vulnerabilities could allow attackers to execute code and control browsers remotely. The BSI therefore urgently recommends updating the browser, which is also very easy to do. The CVSS value of 8.8 is considered highly dangerous. The Federal Office for Information Security (BSI) warns users and companies of highly dangerous vulnerabilities with the CVSS value 8.8 in the Google Chrome and Microsoft Edge browsers under the Windows, MacOS and Linux operating systems. A remote, anonymous attacker could exploit multiple vulnerabilities in Google Chrome and Microsoft Edge to...

Read more

Microsoft: Exchange server update paralyzes servers
August 11, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Microsoft has released security updates for Exchange vulnerabilities affecting Exchange Server 2019 and 2016. However, these updates will cripple the server if it is not English-speaking. However, Microsoft now offers a workaround so that the servers can be patched. After all, it's about a vulnerability with a CVSS value of 9.8. Some administrators who implement necessary security updates immediately have experienced a bitter surprise. When installing the security updates Exchange Server 2019 and Exchange Server 2016, error messages rained down and some servers were paralyzed afterwards. The problem: As soon as the server was not operated in English, the…

Read more

Google Chrome: Update closes 20 vulnerabilities
July 22, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Many highly dangerous vulnerabilities have again been found via Chrome's bug bounty program. The current Chrome update to version 115.0.5790.98/99 closes 20 vulnerabilities - 4 of which are classified as "highly dangerous" The current Chrome update contains a total of 20 updates, including 4 updates for highly dangerous vulnerabilities. In companies, the admins ensure that Chrome remains up to date. Individual companies and SMEs should definitely click in the help area - the further update happens automatically. Work PCs often run through and as long as the browser is not closed and reopened, no update happens! Chrome version 115.0.5790.98/99 closes gaps…

Read more

Critical vulnerabilities in Android 11, 12 and 13
March 11, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Google shares on its Android Security Bulletin that there are two critical vulnerabilities in Android 11, 12, 12L and 13. If you have an Android device with current support, you should trigger the system update manually to check whether the March security update is already available for your device. In its Android Security Bulletin March 2023, Google informed about the critical vulnerabilities CVE-2023-20951 and CVE-2023-20954. Both serious vulnerabilities can lead to remote code execution without requiring additional execution permissions. No user interaction is required for use. If you have a device with current support, you should therefore check the system update to see if it…

Read more

VMware-ESXi: Attacks threaten tens of thousands of servers
17. February 2023
| No comments
| Bitdefender, Stories
VMware-ESXi: Attacks threaten tens of thousands of servers

The attacks on the VMware ESXi never end. They continue to threaten tens of thousands of servers and require updating to the latest VMware ESXi version, according to Bitdefender experts. Even rescue scripts no longer work because the ransomware has adapted. The attacks on the VMware ESXi hypervisors, which exploit the recently discovered CVE-2021-21974 vulnerability with little effort to play a wide variety of payloads as remote code, have enormous potential for spreading. They are therefore developing into mass attacks for opportunistic cybercriminals and are a current example of hybrid attacks: VMware-ESXi : Example of hybrid attack In…

Read more

BSI warns: Multiple vulnerabilities in Microsoft Edge
17 January 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The BSI has issued a warning about vulnerabilities in the new Chromium-based web browser Edge. Users should update the browser on MacOS X or Windows, since attackers could execute arbitrary program code and escalate their privileges. The Federal Office for Information Security warns of two vulnerabilities in the new Chrome-based browser Edge. The vulnerabilities CVE-2023-21775 and CVE-2023-21796 are classified as “High” dangerous with a CVSS Base Score of 8.3. In this way, attackers could exploit the vulnerabilities to execute arbitrary program code and thus increase their privileges on the system. Open Edge...

Read more

Study: Every second endpoint is at risk due to missing patches
3 October 2022
| No comments
| Stories
Study: Every second endpoint is at risk due to missing patches

According to a study by Adaptiva and the Ponemon Institute, companies are investing in protecting their endpoints. Nevertheless, they often find it difficult to reliably address every endpoint and to provide updates and patches. This increases the risk of cyberattacks and security breaches. Adaptiva, provider of endpoint management and security solutions, has partnered with the Ponemon Institute to publish the study "Managing Risks and Costs at the Edge". In it, they show the difficulties many companies have in managing their endpoints, especially due to the distributed infrastructures that accompany the new world of work. missing…

Read more

Update: EZVIZ cameras with vulnerabilities
September 28, 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Bitdefender recently published and described the vulnerabilities in 10 million EZVIZ cameras and called for the firmware to be updated. EZVIZ itself comments on this and thanks for the cooperation with Bitdefender and requests the customers to update via push notifications. BitDefender has diagnosed three security vulnerabilities in five product models of EZVIZ cameras and described them in detail. To fix the vulnerabilities (CVE-2022-2471, CVE-2022-2472) on the products and one on the cloud platform, EZVIZ has released an updated firmware. Since September 14, 2022, the public safety notice has been available on the company website at EZVIZ....

Read more

© 2024 MedPressIT GbR
Cookie Settings